%---------- reversibility

@inproceedings{t-rccs,
  author    = {Vincent Danos and  Jean Krivine},
  title     = {Transactions in RCCS},
  booktitle = {Concurrency Theory, 16th International Conference, CONCUR},
  year      = {2005},
  pages     = {398-412},
   publisher = {Springer},
  series    = {Lecture Notes in Computer Science},
  volume    = {3653}
}

@inproceedings{rccs,
  author    = {Vincent Danos and  Jean Krivine},
  title     = {Reversible Communicating Systems},
  booktitle = {Concurrency Theory, 15th International Conference, CONCUR},
  year      = {2004},
  pages     = {292-307},
 publisher = {Springer},
  series    = {Lecture Notes in Computer Science},
  volume    = {3170}
}


%-----------------------------

@inproceedings{myreenPOPL,
  author    = {Magnus O. Myreen},
  title     = {Verified just-in-time compiler on x86},
  booktitle = {Proceedings of the 37th ACM SIGPLAN-SIGACT Symposium on
               Principles of Programming Languages, POPL 2010},
  year      = {2010},
  pages     = {107-118},
    publisher = {ACM},
}

@inproceedings{LakPEPM10,
  author    = {Arun Lakhotia and
               Davidson R. Boccardo and
               Anshuman Singh and
               Aleardo Manacero},
  title     = {Context-sensitive analysis of obfuscated x86 executables},
  booktitle = {Proceedings of the 2010 ACM SIGPLAN Workshop on Partial
               Evaluation and Program Manipulation, PEPM 2010},
  year      = {2010},
  pages     = {131-140},
   publisher = {ACM},

}



@inproceedings{marion10,
  author    = {Philippe Beaucamps and
               Isabelle Gnaedig and
               Jean-Yves Marion},
  title     = {Behavior Abstraction in Malware Analysis},
  booktitle = {Runtime Verification - First International Conference, RV10},
  year      = {2010},
  pages     = {168-182},
  publisher = {Springer},
  series    = {Lecture Notes in Computer Science},
  volume    = {6418}
}


@inproceedings{most,
 author = {Mitesh Shah},
 title = {Top 12 Most Dangerous Virus},
 note = {available at \texttt{http://xtremediary.blogspot.com/2009/08/top-12-most-dangerous-virus.html}},
 } 

@article{mental-poly,
author = {Mental Driller},
title = {Advanced polymorphic engine construction},
journal = {29A E-zine},
note = {available at http://vx.netlux.org/lib/vmd03.html},
year = {2000}
}

@article{mental-tuareg,
author = {Mental Driller},
title = {TUAREG details and source code},
journal = {29A E-zine},
note = {available at http://vx.org.ua/29a/29A-5.html},
year = {2000}
}
 

@inproceedings{mental,
 author = {Mental Driller},
 title = {How I made MetaPHOR and what I've learnt},
 note = {available at VX Heavens: \texttt{http://vxheavens.com/lib/vmd01.html}},
 year = {2002},
 }


@inproceedings{bea08,
 author = {Philippe Beaucamps},
 title = {Advanced Metamorphic Techniques in Computer Viruses},
 note = {available at VX Heavens: \texttt{http://vxheavens.com/lib/apb01.html}},
 year = {2008},
 }

@string{ pszor = {P{\'{e}}ter Sz{\"{o}}r} }


@book{Szor-ACVRD,
  author =       pszor,
  title =        {The Art of Computer Virus Research and Defense},
  year =         {2005},
  publisher =    {Addison-Wesley Professional},
  address =      {Boston, MA, USA},
}



@inproceedings{emami,
 author = {Emami, Maryam and Ghiya, Rakesh and Hendren, Laurie J.},
 title = {Context-sensitive interprocedural points-to analysis in the presence of function pointers},
 booktitle = {PLDI '94: Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation},
 year = {1994},
 pages = {242--256},
 publisher = {ACM},
 }


@inproceedings{maurice,
  author    = {Maurice Bruynooghe and
               Gerda Janssens and
               Alain Callebaut and
               Bart Demoen},
  title     = {Abstract Interpretation: Towards the Global Optimization   of Prolog Programs},
  booktitle = {Symposium on Logic Programming},
  year      = {1987},
  pages     = {192-204},
 }



@article{sato-83,
  author    = {Hisao Tamaki and Taisuke Sato},
  title     = {Program Transformation Through Meta-shifting},
  journal   = {New Generation Comput.},
  volume    = {1},
  number    = {1},
  year      = {1983},
  pages     = {93-98},
 }


@inproceedings{cai-pldi07,
 author = {H. Cai and Z. Shao and A. Vaynberg},
 title = {Certified self-modifying code},
 booktitle = {PLDI '07: Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation},
 year = {2007},
 pages = {66--77},
 publisher = {ACM},
 address = {New York, NY, USA},
 }


@inproceedings{reps-analysis-05,
  author    = {G. Balakrishnan and R. Gruian and T. W. Reps and
               T. Teitelbaum},
  title     = {CodeSurfer/x86-A Platform for Analyzing x86 Executables},
  booktitle = {14th Internatational Conference on Compiler Construction (CC'05)},
  year      = {2005},
  pages     = {250-254}
}

@inproceedings{reps-analysis-04,
  author    = {G. Balakrishnan and T. W. Reps},
  title     = {Analyzing Memory Accesses in x86 Executables},
  booktitle = {13th Internatational Conference on Compiler Construction (CC'04)},
  year      = {2004},
  pages     = {5-23}
}



@article{grammar09,
	author = {Zbitskiy, Pavel },
	journal = {Journal in Computer Virology},
	posted-at = {2009-04-17 10:31:30},
	title = {Code mutation techniques by means of formal grammars and automatons},
	year = {2009}
}

@article{qozah99,
	author = {Qozah},
	journal = {29A E-zine},
	posted-at = {2009-04-17 10:31:30},
	title = {Polymorphism and Grammars},
	year = {2009},
}

@inproceedings{filiol07,
 author = {E. Filiol},
 title = {Metamorphism, formal grammars and undecidable code mutation},
 booktitle = {Proceedings of World Academy of Science, Engineering and Technology (PWASET)},
 year = {2007},
volume = {20}
 }


@inproceedings{SF01,
   author =    {P. Sz{\"o}r and P. Ferrie},
   title =     {Hunting for metamorphic},
   pages =     {123--144},
   booktitle = {Proceedings of the Virus Bulleting Conference},
   publisher = {Virus Bulletin Ltd},
   year =      2001,
}


@inproceedings{CC95,
   author =    {P. Cousot and R. Cousot},
   title =     {Formal Language, Grammar and Set-Constraint-Based Program 
                Analysis by Abstract Interpretation},
   pages =     {170--181},
   booktitle = {Proceedings of the Seventh ACM Conference on Functional 
                Programming Languages and Computer Architecture},
   address =   {La Jolla, California},
   publisher = {ACM Press, New York, NY},
   month =     {25--28 June},
   year =      1995,
}


@inproceedings{CC78,
   author =    {P. Cousot and N. Halbwachs},
   title =     {Automatic discovery of linear restraints among variables of
                a program},
   pages =     {84--97},
   booktitle = {Conference Record of the Fifth Annual ACM SIGPLAN-SIGACT 
                Symposium on Principles of Programming Languages},
   address =   {Tucson, Arizona},
   publisher = {ACM Press, New York, NY},
   year =      1978,
}

@inproceedings{lak-ME,
 author = {A. Walenstein and R. Mathur and M. R. Chouchane and A. Lakhotia},
 title = {Normalizing Metamorphic Malware Using Term Rewriting},
 booktitle = {Proceedings of the Sixth IEEE International Workshop on Source Code Analysis and Manipulation (SCAM'06)},
 year = {2006},
 pages = {75--84},
 }

@InProceedings{kinder07MC,
  author =       {A. Holzer and J. Kinder and H. Veith},
  title =        {Using verification technology to specify and detect malware},
  booktitle =    {Proceedings of the 11th International Conference on
                  Computer Aided System Theory (EUROCAST'07)},
  pages =        {497--504},
  year =         {2007},
  volume =       {4739},
  series =       {LNCS},
}



@inproceedings{rootkit,
 author = {K. Chiang and L. Lloyd},
 title = {A case study of the rustock rootkit and spam bot},
 booktitle = {HotBots'07: Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets},
 year = {2007},
 pages = {10--10},
 location = {Cambridge, MA},
 publisher = {USENIX Association},
 address = {Berkeley, CA, USA},
 }



@inproceedinghs{detristanulenspiegelmalcomvonunderduk2003-polyshellcode,
author = {T. Detristan and T. Ulenspiegel and
 Y. Malcom  and M.S. von Underduk},
title = {Polymorphic shellcode engine using spectrum analysis},
booktitle = {Phrack}, 
volume = {11},
number ={61},
publisher = {\url{http://www.phrack.org}},
year = {2003},
}

@inproceedings{guptasekar-anomemail2003,
author = {A. Gupta and R.Sekar},
title = {An approach for detecting self-propagating email using anomaly
  detection},
editors = {G. Vigna and E. Jonsson and C.~Kruegel}, 
booktitle = {Proceedings of the 6th International Symposium on Recent
                  Advances in Intrusion Detection (RAID'03)}, 
volume = {2820},
series = {LNCS},
pages = {55--72}, 
year = {2003},
}



%--------------------------------------------------------------------

@misc{silva-thesis,
author = "V. {D'Silva}",
title = {Widening for Automata},
howpublished = {Diploma Thesis, Institut Fur Informatick, Universitat Zurich},  
year = {2006}
}

@inproceedings{bartzis04,
author = {C. Bartzis and T. Bultan},
title = {Widening arithmetic automata},
booktitle = {Proceedings of the 16th International Conference on Computer Aided Verification (CAV2004)},
pages = {321--333},
series = {LNCS},
volume = {3114},
year = {2004}
}


@article{lorenzo07,
 author = {D. Bruschi and L. Martignoni and M. Monga},
 title = {Code Normalization for Self-Mutating Malware},
 journal = {IEEE Security and Privacy},
 volume = {5},
 number = {2},
 year = {2007},
 pages = {46--54},
 publisher = {IEEE Educational Activities Department},
 }


@inproceedings{Min01b,
author = {A. Min\`e},
title = {The octagon abstract domain},
booktitle = {Proc.\ Analysis, Slicing and Transformation (AST'01)}, 
pages = {310--319}, 
year = {2001},
}

@inproceedings{CH78,
author = {P. Cousot and N. Halbwachs},
title ={Automatic discovery of linear restraints among variables 
of a program},
booktitle = {Proceedings of the 5th ACM Symp.\ on
                  Principles of Programming Languages (POPL'78)}, 
pages = {84--97}, 
year = {1978},
}


@inproceeding{Gr,
author = {P. Granger},
title = {Static analysis of linear congruence equality 
 among variables of a program},  
booktitle = {Proc. Joint Conf. on Theory and Practice of 
 Software Development (TAPSOFT'91)}, 
pages = {169--192}, 
year = {1991},
}

@inproceedings{michael97genetic,
author = {C. Michael and  G. McGraw and  M. Schatz and C. Walton},
title = {Genetic algorithms for dynamic test data generation},
booktitle = { Proc.\ ASE'97}, 
pages = {307--308}, 
year = {1997},
}


@inproceedings{diota,
author = {J.Maebe and  M. Ronsse and K. De Bosschere},
title = {DIOTA: Dynamic Instrumentation, Optimization and Transformation of Applications},
booktitle = {Proc.\ 4th Workshop on Binary Translation (WBT'02)}, 
year = {2002},
}

@book{hp,
author = {J. Hormkovic},
title = {Algorithmics for hard problems},
publisher = {Springer-Verlag}, 
year = {2002},
}


@inproceedings{madou05hybrid,
author = {M. Madou and  B. Anckaert and  B. De Sutter and K. De Bosschere},
title = {Hybrid static-dynamic attacks against software protection mechanisms},
booktitle = {Proc.\  5th ACM Workshop on Digital Rights Management (DRM'05)}, 
year = {2005},
}


@article{ward,
author = {M. Ward},
title = {The closure operators of a lattice},
journal = {Annals of Mathematics},
volume = {43},
number = {2},
pages = {191--196},
year = {1942},
}


@article{tarski,
author = {A. Tarski},
title = {A lattice theoretical fixpoint theorem and its applications},
journal = {Pacific J. Math.},
volume = {5},
pages = {285--310},
year = {1955},
}


%----------Malware------------------------------

@article{sama03,
  author =       {M. Samamura},
  title =        {\textit{Expanded threat list and virus encyclopedia}},
  volume = {chapter W95.CIH},
  journal = {\rm Symantec Antivirus Research Center},
  year = {1998},
  howpublished =
                  {\url{http://securityresponse.symantec.com/avcenter/venc/data/cih.html}},
}


@INPROCEEDINGS{leeDM99,
author = {W. Leee and S. Stolfo and K. W. Mok},
title = {A data mining framework for building intrusion detection models},
booktitle = {Proceedings of the IEEE Symposium on Security and
                  Privacy (S \& P'99)},
year = {1999},
pages = {120--132}
}


@INPROCEEDINGS{leeDM98,
author = {W. Lee and S. Stolfo},
title = {Data mining approaches for intrusion detection},
booktitle = {Proceedings of the 7th USENIX Security Symposium},
pages = {79--93},
year = {1998},
}

@INPROCEEDINGS{leeDM00,
author = {W. Lee and R. A. Nimbalkar and K. K. Yee and S. B. Patil and
                  P. H.  Desai and T. T. Tran and S. J. Stolfo},
title = {A data mining and CIDF based approach for detecting novel and
                  distributed intrusions},
series = {LNCS},
volume = {1907},
number = {1},
pages = {49--65},
year = {2000},
}


@article{mcf95,
author = {R. W. Lo and K. N. Levitt and R. A. Olsson},
title = {MCF: A malicious code filter},
journal = {Computers \& Security},
volume = {14},
pages = {541--566},
year = {1995},
}

@TechReport{MCqua05,
    author = {L. Briesemeister and P. A. Porras and A. Tiwari},
    title = {Model checking of worm quarantine and counter- quarantine
                  under a group defense},
    institution = {SRI International, Computer Science Laboratory},
    year = {2005},
    number = {SRI-CSL-05-03},
}

@InProceedings{kinder05MC,
  author =       {J. Kinder and S. Katzenbeisser and C.  Schallhart
                  and H. Veith},
  title =        {Detecting malicious code by model checking},
  booktitle =    {Proceedings of the 2nd International Conference on
                  Intrusion and Malware Detection and Vulnerability
                  Assessment (DIMVA'05)},
  pages =        {174--187},
  year =         {2005},
  volume =       {3548},
  series =       {LNCS},
}


@INPROCEEDINGS{lak03MC,
author = {P. Singh and A. Lakhotia},
title = {Static verification of worm and virus behaviour in binary
                  executables using model checking},
booktitle = {Proceedings of the 4th IEEE Information Assurance Workshop},
year = {2003},
}


@INPROCEEDINGS{ber01,
author = {J. Bergeron and M. Debbabi and J. Desharnais  and
              M. M. Erhioui and Y. Lavoie and N. Tawbi},
booktitle = {Symposium on Requirements Engineering for Information
                  Security},
title = {Static detection of malicious code in executable programs},
year = {2001}
}


@InProceedings{lak03,
  author =       {A. Lakhotia and P. K. Singh},
  title =        {Challenges in getting ``formal'' with viruses},
  booktitle =    {Virus Bulletin},
  year =         {2000},
}

@article{spin,
author = {D. Spinellis},
title = {Reliable identification of bounded-length viruses is NP-complete},
journal = {IEEE Transactions on Information Theory},
volume = {49},
number = {1},
pages = {159--176},
year = {2003},
}


@INPROCEEDINGS{adleman,
author = {L. M. Adleman},
title = {An abstract theory of computer viruses},
booktitle = {Proceedings of Advances in cryptology {\rm ({\em CRYPTO'88\/})}},
year = {1988},
series = {LNCS},
volume = {403},
}

@INPROCEEDINGS{turing,
author = {A. M. Turing},
title = {On computable numbers, with an application to the
                  Entscheidungs problem},
booktitle = {Proceedings London Math. Soc.},
volume = {2},
pages = {230-265},
year= {1936},
}


@InProceedings{chess00,
  author =       {D.M. Chess and S.R. White},
  title =        {An undetectable computer virus},
  booktitle =    {Virus Bulletin},
  year =         {2000},
}

@Article{cohen89,
  author =       {F. Cohen},
  title =        {Computational aspects of computer viruses},
  journal =      {Computers and Security},
  year =         {1989},
  volume =       {8},
  number =       {4}, 
  pages =        {325},
}


@Article{cohen87,
  author =       {F. Cohen},
  title =        {Computer viruses: Theory and experiments},
  journal =      {Computers and Security},
  year =         {1987},
  volume =       {6},
  number =       {1},
  pages =        {22--35},
}

@phdthesis{cohenPhD,
 author = {F. Cohen},
 title = {Computer viruses},
 year = {1985},
 school = {University of Southern California},
 }


@Article{meta00,
  author =       {L. Julus},
  title =        {Metamorphism},
  journal =      {29A Magazine},
  volume =       {1},
  year =         {2000},
  number =       {5},
}


@Article{meta02,
  author =       {M. Driller},
  title =        {Metamorphism in practice},
  journal =      {29A Magazine},
  volume =       {1},
  year =         {2002},
  number =       {6},
}


@Article{rajaat1999-poly,
  author =       {Rajaat},
  title =        {Polymorphism},
  journal =      {29A Magazine},
  volume =       {1},
  year =         {1999},
  number =       {3},
}


@INPROCEEDINGS{algebraic05,
  author = {M. Webster},
  title = {Algebraic specification of computer viruses and their
                  environments},
  booktitle = {Selected Papers from the First Conference on Algebra
                  and Coalgebra in Computer Science Young Researchers
                  Workshop ({CALCO}-jnr 2005).  University of Wales
                  Swansea Computer Science Report Series {CSR}
                  18-2005},
  year = {2005},
  editor = {Peter Mosses and John Power and Monika Seisenberger},
  pages = {99--113},
}


@Article{jordan2002-metamorphism,
  author =       {Myles Jordan},
  title =        {Dealing with Metamorphism},
  journal =      {Virus Bulletin},
  year =         {2002},
  pages =        {4--6},
 }

@Manual{ia32-manual,
  title =        {IA-32 Intel Architecture Software Developer's Manual},
  author =       {{Intel Corporation}},
}

@Misc{z0mbie-rpme,
  author =       {z0mbie},
  title =        {Real Permutating Engine},
}

@Misc{z0mbie-mistfall,
  author =       {z0mbie},
  title =        {Automated Reverse Engineering: Mistfall Engine},
}

@article{syman,
  author =       {{Symantec Corporation}},
  title =        {Symantec {Internet} Security Threat Report: Trends
                  for January 06--June 06},
  publisher =    {Symantec Corporation},
  year =         {2006},
  volume =       {X},
}


@article{under,
author = {C. Nachenberg},
title = {Understanding and managing polymorphic viruses},
journal = {The Symantec Enterprise Papers},
publisher = {Symantec},
year = {1996},
volume = {XXX},
pages = {1--13},
}


@InProceedings{hunt01,
  author =       {P. Szor  and P. Ferrie},
  title =        {Hunting for Metamorphic},
  booktitle =    {Proceedings of the 2001 Virus Bulletin Conference (VB2001)},
  pages =        {123 -- 144},
  year =         {2001},
}

@INPROCEEDINGS{li05,
author = {Z. Li and A. Das and J. Zhou},
title = {Theoretical basis for intrusion detection},
booktitle = {Proceedings of the 6th IEEE Information Assurance Workshop (IAW)},
year = {2005},
}


@INPROCEEDINGS{li04,
author = {Z. Li and A. Das},
title = {Visualizing and identifying intrusion context from system
                  call trace},
booktitle = {Proceedings of the 20th Annual Computer Security
                  Applications Conference},
year = {2004},
}

@INPROCEEDINGS{Xu-sign05,
author = {J. Xu and P. Ning and C. Kil and Y. Zhai and C. Bookholt},
title = {Automatic diagnosis and response to memory corruption
                  vulnerabilities},
booktitle = {Proceedings of the 12th Conference on Computer and
                  Communication Security (CCS'05)},
year = {2005},
pages = {223--234}
}

@INPROCEEDINGS{New-sign05,
author = {J. Newsome and D. Song},
title = {Dynamic taint analysis for automatic detection, analysis, and
                  signature generation of exploits on commodity
                  software},
booktitle = {Proceedings of the 12th Annual Network and Distributed
                  System Security Symposium (NDSS \& P'05)},
year = {2005},
}

@INPROCEEDINGS{Liang-sign05,
author = {Z. Liang and R. Sekar},
title = {Fast and automated generation of attack signatures: A basis
                  for building self-protecting servers},
booktitle = {Proceedings of the 12th ACM Conference on computer and
                  Communications Security (CCS'05)},
year = {2005},
pages = {213--222}
}

@INPROCEEDINGS{Karp-sign05,
author = {J. Newsome and B. Karp and D. Song},
title = {Polygraph: Automatically generating signatures for
                  polymorphic worms},
booktitle = {Proceedings of the IEEE Symposium on Security and
                  Privacy (S \& P'05)},
year = {2005},
pages = {226--241}
}



@INPROCEEDINGS{Kim-sign04,
author = {H.-A. Kim and B. Karp},
title = {Autograph: toward automated, distributed worm signature
                  detection},
booktitle = {Proceedings of the 13th USENIX Security Symposium},
year = {2004},
}

@INPROCEEDINGS{Jha,
author = {D. Brumley and J. Newsome and D. Song and H. Wang and S. Jha},
title = {Towards automatic generation of vulnerability-based
                  signatures},
booktitle = {Proceedings of the IEEE Symposium on Security and
                  Privacy (S \& P'06)},
year = {2006},
}

@TECHREPORT{sur98,
   author = {S. Axelsson},
   title = {Research in intrusion detection systems: A survey},
   institution ={Department of Computer Engineering - University of
                  Technology - Sweden},
   year = {1998},
   type = {Technical Report},
   number = {TR:98-17},
}

@TECHREPORT{surv99,
   author = {K. A. Jackson},
   title = {Intrusion detection systems (IDD) product survey},
   institution = {Los Alamos National Laboratory},
   year = {1999},
   type = {Technical Report},
   number = {LA-UR-99-3883},
}



@InProceedings{hybrid97,
  author =       {M. J. Ranum and K. Landfield and M. Stolarchuk and
                  M. Sienkiewicz and A. Lambeth and E. Wall},
  title =        {Implementing a generalized tool for network monitoring},
  booktitle =    {Proceedings of the 11th Systems Administration
                  Conference (LISA), USENIX},
  pages =        {1--8},
  year =         {1997},
}


@InProceedings{morley2001,
  author =       {Peter Morley},
  title =        {Processing Virus Collections},
  booktitle =    {Proceedings of Virus Bullettin},
  pages =        {129--134},
  year =         {2001},
  address =      {Prague, Czech Republic},
  publisher =    {Virus Bulletin},
}

@book{north01,
author = {S. Northcutt and M. Cooper and M. Fearnow and K. Frederick},
title = {Intrusion signature and analysis},
publisher = {New Riders, SANS GIAC},
year = {2001},
}


@INPROCEEDINGS{usenix92,
  author =       {S. R. Snapp and S. E. Smaha and D. M. Teak and T. Grance},
  title =        {The DIDS (distributed intrusion detectin system) prototype},
  booktitle =    {USENIX Conference},
  pages =        {227--233},
  year =         {1992},
}

@INPROCEEDINGS{kumar94,
  author =       {S. Kumar and E. H. Spaffored},
  title =        {A pattern matching model for misuse intrusion detection},
  booktitle =    {Proceedings of the 17th National Computer
                  Security Conference},
  pages =        {11--21},
  year =         {1995},
}





@TECHREPORT{dep01,
   author = {A. Avizienis and J. Laprie and B. Randell},
   title = {Fundamental concepts of dependability},
   institution = {LAAS-CNRS},
   year = {2001},
   type = {Technical Report},
   number = {N01145},
}




@phdthesis{kumar95,
 author = {S. Kumar},
 title = {Classification and detection of computer intrusions},
 year = {1995},
 school = {Department of Computer Science, Purdue University},
 }




@article{esca98,
author = {T. Escamilla},
title = {Intrusion detection: Network security beyond the firewall},
journal = {John Wiley \& Sons, Inc.},
year = {1998},
}



@TECHREPORT{practice00,
   author = {J. Allen and A. Christie and W. Fithen and J. McHugh and
                  J. Packel and E. Stoner},
   title = {State of the practice in intrusion detection technologies},
   institution = {Carnegie Mellon University, Software Engineering
                  Instutute, CMU/SEI, Pittsburg, PA},
   year = {2000},
   type = {Technical Report},
   number = {99-TR-028, ESC-99-028},
}

@INPROCEEDINGS{imm96,
  author =       {S. Forrest},
  title =        {A sense of self for unix processes},
  booktitle =    {Proceedings of the Symposium on Security and
                  Privacy (S\&P'96)},
  pages =        {120--128},
  year =         {1996},
}

@INPROCEEDINGS{rule89,
  author =       {H. Vaccaro and G. Liepins},
  title =        {Detection of anomalous computer sessions activity},
  booktitle =    {Proceedings of the Symposium on Security and
                  Privacy (S\&P'89)},
  pages =        {280--289},
  year =         {1989},
}

@INPROCEEDINGS{stat05,
  author =       {W. J. Li and K. Wang and S. J. Stolfo and B. Herzog},
  title =        {Fileprints: Identifying file types by n-gram analysis},
  booktitle =    {Proceedings of the 6th Annual IEEE Systems, Man
                  and Cybernetics (SMC) Workshop on Information
                  Assurance (IAW'05)},
  pages =        {64--71},
  year =         {2005},
}


@INPROCEEDINGS{stat04,
  author =       {J. Z. Kolter and M. A. Maloof},
  title =        {Learning to detect malicious executables in the wild},
  booktitle =    {Proceedings of the 10th ACM SIGKDD International
                  conference on Knowledge Discovery and Data Mining
                  (KDD'04)},
  pages =        {470--478},
  year =         {2004},
}


@article{Mc01,
author = {J. McHugh},
title = {Intrusion and intrusion detection},
journal = {International Journal of Information Security},
volume = {1},
number = {1},
pages = {14--35},
year = {2001},
}

@BOOK{amoroso99,
   author = {E. G. Amoroso},
   title = {Intrusion detection: an introduction to {I}nternet
                  surveillance, correlation, trace back, and response},
   publisher = {Intrusion.net Books},
   year = {1999},
}


@INPROCEEDINGS{CJsemantics,
  author =       {M. Christodorescu and S. Jha and S. A. Seshia and
                  D. Song and R. E. Bryant},
  title =        {Semantics-Aware Malware Detection},
  booktitle =    {Proceedings of the IEEE Symposium on Security and
                  Privacy (S\&P'05)},
  pages =        {32--46},
  year =         {2005},
  address =      {Oakland, CA, USA},
}


@INPROCEEDINGS{CJstatic,
   author = {M. Christodorescu and S. Jha},
   title = {Static analysis of executables to detect malicious patterns},
   booktitle = {Proceedings of the 12th USENIX Security Symposium
                 {\rm ({\em Security~'03\/})}},
   year = {2003},
   pages = {169--186},
}

@inproceedings{CJtest,
   author = {M. Christodorescu and S. Jha},
   title = {Testing malware detectors},
   booktitle = {Proceedings of the ACM SIGSOFT International Symposium
                  on Software Testing and Analysis {\rm ({\em
                  ISSTA~'04\/})}},
   year = {2004},
   publisher = {ACM},  
   pages = {34--44},
}


@article{coev97,
author = {C. Nachenberg},
title = {Computer virus-antivirus coevolution},
journal = {Communications of the ACM},
volume = {40},
number = {1},
pages = {46--51},
year = {1997},
}

@article{class00,
author = {G. McGraw and G. Morrisett},
title = {Attacking malicious code: Report to the {I}nfosec resarch council},
journal = {IEEE Software},
volume = {17},
number = {5},
pages = {33--41},
year = {2000},
}


%---------Specification-Bases-detection---------------------------

@INPROCEEDINGS{sb94,
   author = {C. Ko and G. Fink and K. Levitt},
   title = {Automated detection of vulnerabilities in privileged
                  programs using execution monitoring},
   booktitle = {Proceedings of the 10th Computer Security Application
                  Conference},
   year = {1994},
}

@INPROCEEDINGS{sb97,
   author = {C. Ko and M. Ruschitzka and K. Levitt},
   title = {Execution monitoring of security-critical programs in
                  distributed systems: A specification-based approach},
   booktitle = {Proceedings of the IEEE Symposium on Security and Privacy},
   year = {1997},
   pages = {175--187},
}


%---Cousot-------------------------------------------------------------

@phdthesis{cousot-phd,
 author = {Patrick Cousot},
 title = {M\'ethodes it\'eratives de construction et
                 d'approximation de points fixes d'op\'erateurs
                  monotones sur un treillis,
                  analyse s\'emantique des programmes},
 year = {1978},
 order_no = {Universit\'e Scientifique et M\'edicale de
 Grenoble},
 }

@article{CC79j,
   author =    {Patrick Cousot and Radhia Cousot},
title = {Constructive versions of Tarski's fixed point theorem},
journal = {Pacific J. Math.},
volume = {82},
number = {1},
pages = {43-57},
year = {1979},
}

@INPROCEEDINGS{CC79,
   author = {P. Cousot and R. Cousot},
   title = {Systematic design of program analysis frameworks},
   booktitle = {Proceedings of the 6th ACM Symp.\ on
                  Principles of Programming Languages  {\rm ({\em
POPL~'79\/})}},
   year = {1979},
   pages = {269--282},
   publisher = {ACM Press, New York},
}

@article{C00tcs,
   author =    {Patrick Cousot},
   title =     {Constructive design of a hierarchy of semantics of a
                  transition system by abstract interpretation},
   pages =     {47--103},
   journal =   {Theoretical Computer Science},
   publisher = {Elsevier Science Publishers},
   volume =    {277},
   number =    {1--2},
   year =      {2002},
}

@article{cou96a,
author = {Patrick Cousot},
title = {Abstract interpretation},
journal = {\em ACM Comput. Surv.},
year =  {1996}, 
volume = {28},
number = {2},
pages = {324--328}
}


@INPROCEEDINGS{CC77,
   author =    {Patrick Cousot and Radhia Cousot},
   title = {Abstract interpretation: A unified lattice model for
                  static analysis of programs by construction or
                  approximation of fixpoints},
   booktitle = {Proceedings of the 4th ACM Symp.\ on
                  Principles of Programming Languages {\rm ({\em POPL~'77\/})}},
   year = {1977},
   pages = {238--252},
   publisher = {ACM Press, New York},
}

@inproceedings{CC02,
   author =    {Patrick Cousot and Radhia Cousot},
   title =     {Systematic design of program transformation frameworks by 
                abstract interpretation},
   pages =     {178--190},
   booktitle = {Proceedings of the 20th Annual ACM 
                SIGPLAN-SIGACT Symposium on Principles of Programming 
                Languages {\rm ({\em POPL~'02\/})}},
   address =   {New York, NY},
   publisher = {ACM Press},
   year =      {2002},
}


%---------Obfuscation-Watermarking-------------------------------

@INPROCEEDINGS{appel,
author = {A. W. Appel},
title = {Deobfuscation is in NP},
year = {2002},
note = {www.cs.princeton.edu/~appel/papers/deobfus.pdf},
}

@inproceedings{auxilary,
 author = {S. Goldwasser and Y. T. Kalai},
 title = {On the impossibility of obfuscation with auxiliary input},
 booktitle = {Proceedings of the 46th Annual IEEE Symposium on
                  Foundations of Computer Science  {\rm ({\em FOCS~'05\/})}},
 year = {2005},
 isbn = {0-7695-2468-0},
 pages = {553--562},
 publisher = {IEEE Computer Society},
 }

@INPROCEEDINGS{positive,
author = {B. Lynn and M. Prabhakaran and A. Sahai},
title = {Positive results and techniques for obfuscation},
booktitle = {Proceedings of Eurocrypt 2004},
year = {2004},
note = {citeseer.ist.psu.edu/lynn04positive.html},
}


@misc{wee,
author = {H. Wee},
title = {On obfuscating point functions},
booktitle = {Harold N. Gabow and Ronald Fagin, editors, STOC},
pages =  {523--532},
year = {2005},
note = {citeseer.ist.psu.edu/wee05obfuscating.html},
}

@INPROCEEDINGS{canetti,
author = {R. Canetti},
title = {Towards realizing random oracles: Hash functions that hide
                  all partial information},
booktitle = {Proc.\ Advances in cryptology {\rm ({\em CRYPTO'97\/})}},
year = {1997},
pages = {455--469},
}

@INPROCEEDINGS{limited,
author = {F. Hohl},
title = {Time limited blackbox security: Protecting mobile agents from
                  malicious hosts},
booktitle = {Proceedings of the 2nd International Workshop on
                  Mobile Agents},
series = {LNCS},
volume = {1419},
year = {1998},
}

@INPROCEEDINGS{zhu,
author ={W. Zhu and C. Thomborson and F. Wang},
title = {Obfuscate arrays by homomorphic functions}, 
booktitle = {Special Session on Computer Security and Data Privacy 
in IEEE GrC 2006},
year =  {2006}, 
pages = {770--773},
}


@article{crema,
author = {H. P. Van Vliet},
title = {Crema -- The Java obfuscator},
note = {{\sc http://web.inter.nl.net/users/H.P.van.Vliet/crema.html}},
year = {1996},
}

@INPROCEDINGS{chang02,
author = {H. Chang and M. Atallah},
title = {Protecting software code by guards},
booktitle = {Proceedings of the 1st ACM Workshop on Digital Rights
                  Management {\rm ({\em DRM~'01\/})} },
series = {LNCS},
volume = {2320}, 
pages = {160--175},
}

@INPROCEDINGS{chen02,
author = {Y. Chen and R. Venkatesan and M. Cary and R. Pang and S
                  sinha and M. Jakubowski},
title = {Oblivious hashing: A stealthy software integrity verification
                  primitive},
booktitle = {Proceedings of the 5th Information Hiding Workshop {\rm
                  ({\em IH\/})} },
series = {LNCS},
volume = {2578}, 
pages = {400--414},
year = {2002},
}

@INPROCEEDINGS{pal00,
author = {J. Palsberg and S. Krishnaswamy and M. Kwon and D. Ma and
                  Q. Shao and Y. Zhang},
title = {Experience with software watermarking},
booktitle = {Proceedings of the 16th IEEE Annual Security Applications
                  Conference {\rm ({\em ACSAC~'00\/})} },
year = {2000},
pages = {308--316},
}

@TECHREPORT{aucs99-patent,
   author = {D. Aucsmith and G. Graunke},
   title = {Tamper resistant methods and apparatus},
   institution = {Assignee: Intel Corporation},
   year = {1999},
   type = {US patent},
   number = {5.892.899},
}

@INPROCEEDINGS{aucs96,
author = {D. Aucsmith},
title = {Tamper resistant software: An implementation},
booktitle = {Proc.\ Information Hiding},
year = {1996},
pages = {317--333},
}


@TECHREPORT{mos-patent,
   author = {S. A. Moskowitz and M. Cooperman},
   title = {Method for stega-cipher protection of computer code},
   institution = {Assignee: The Dice Company},
   year = {1996},
   type = {US patent},
   number = {5.745.569},
}


@TECHREPORT{dav-patent,
   author = {R. L. Davidson and N. Myhrvold},
   title = {Method on system for generating and auditing a signature
                  for a computer pogram},
   institution = {Assignee: Microsoft Corporation},
   year = {1996},
   type = {US patent},
   number = {5.559.884},
}

@article{choen,
author = {F. Choen},
title = {Operating system protection through program evolution},
journal = {Computers and security},
number = {6},
volume = {12},
pages = {565--584},
year = {1993},
}

@article{herz,
author = {A. Herzberg and S. S. Pinter},
title = {Public protection of software},
journal = {ACM transaction on computer systems},
volume = {5},
number = {4},
pages = {371--393},
year  = {1987},
}


@article{suhler,
author = {P. A. Suhler and N. Bagherzadeh and M. Marlek and N. Iscoe},
title = {Software authorization systems},
journal = {IEEE Software},
volume = {3},
number = {5},
pages = {34--41},
year  = {1986},
}

@article{pamela,
author = {P. Samuelson},
title = {Reverse-engineering someone else's software: Is it legal?},
journal = {IEEE Software},
pages = {90--96},
year  = {1990},
}


@INPROCEEDINGS{gosler,
author = {J. R. Gosler},
title = {Software protection: myth or reality?},
booktitle = {Proc.\ Advances in cryptology {\rm ({\em CRYPTO'85\/})}},
year = {1985},
pages = {140--157},
}

@INPROCEEDINGS{matias1,
author = {M. Madou and B. Anckaert and P. Moseley and S. Debray and
                  B. De Sutter and K. De Bosschere},
title = {Software protection through dynamic code mutation},
booktitle = {Proc.\ Internat.\ Workshop on Information Security Applications
{\rm ({\em WISA'05\/})}},
year = {2005},
series = {LNCS},
volume  = {3786},
pages = {194--206},
}

@INPROCEEDINGS{isc04,
author = {C. Collberg and K. Heffiner},
title = {The obfuscation executive},
booktitle = {Proc.\ Information Security Conference {\rm ({\em ISC'04\/})}},
year = {2004},
pages = {428--440},
volume = {3225},
series = {LNCS},
}


@INPROCEEDINGS{hide,
author = {L. Ertaul and  S. Venkatesh},
title = {JHide - a tool kit for code obfuscation},
booktitle = {Proc.\ 8th IASTED International Conference on Software
                  Engineering and Applications - SEA},
year = {2004},
}

@INPROCEEDINGS{madou06loco,
author = {M. Madou and  L. Van Put and K. De Bosschere},
title = {Loco: An Interactive Code (De)Obfuscation tool},
booktitle = {Proc.\ ACM SIGPLAN Workshop on Partial Evaluation and 
Program Manipulation (PEPM'06)}, 
pages = {140--144},
year = {2006},
}

@article{sand03,
   author = {C. Collberg and G. Myles and A. H. Work},
   title = {Sand Mark - a tool for software protection research},
   Journal = {IEEE Security \& Privacy},
   volume = {1},
   number = {4},
   pages = {40--49},
   year = {2003},
}


@article{ogiso03,
        author = {T. Ogiso and Y. Sakabe and M. Soshi and A. Miyaji},
        title = {Sftware obfuscation on a theoretical basis and its
                  implemantation},
        journal = {IEEE Trans.\ Fundamentals},
        volume = {E86-{A}}, 
        number = {1},
        year = {2003},
}

@inproceedings{majumdar05secure,
author = {A. Majumdar and C. Thomborson},
title = {Securing mobile agents control flow using opaque 
predicates},
booktitle = {Proc.\ 9th Int.\ Conf. 
Knowledge-Based Intelligent Information and 
Engineering Systems (KES'05)}, 
year = {2005},
}

@INPROCEEDINGS{thom06,
author = {A. Majumdar and C. Thomborson},
title = {Manufactoring opaque predicates in distributed systems for
                  code obfuscation},
booktitle = {Proc.\ 29th Australasian Computer Science Conference
                  (ACSC'06)}, 
series = {CRPIT},
volume = {48},
pages = {187--196},
year = {2006}
}


@INPROCEEDINGS{chow,
author = {S. Chow and  Y. Gu and H. Johnson and V. A. Zakharov},
title = {An approach to the obfuscation of control-flow of sequential
                  computer programs},
booktitle = {Proc.\ 4th International Information Security Conference
                  (ISC'01)}, 
series = {LNCS},
volume = {2200},
pages = {144--155},
year = {2001}
}

@inproceedings{schwarz01PLTO,
author = {B. Schwarz and  S. Debray and G. Andrews},
title = {PLTO: A link-time optimizer for the 
Intel IA-32 architecture},
booktitle = {Proc.\ Workshop on Binary Translation (WBT'01)}, 
year = {2001},
}




@INPROCEEDINGS{myles04,
author = {G. Myles and C. Collberg},
title =  {Software watermarking via opaque predicates: implementation, 
analysis, and attacks},
booktitle = {Proc.\ Int.\ Conf.\ Electronic Commerce Research (ICECR-7)}, 
year = {2004}
}


@INPROCEEDINGS{monden00practical,
author = {A. Monden and  H. Iida and K. Matsumoto and K. Inoue and K.Torii},
title = {A practical method for watermarking java programs},
booktitle = {Proc.\ 24th Computer Software and Applications Conference}, 
pages = {191--197},
year = {2000}
}

@INPROCEEDINGS{DM05,
 author = {S. K. Udupa and S. Debray and M. Madou},
   title = {Deobfuscation: reverse engineering obfuscated code},
   booktitle = { 12th. IEEE Working Conference on Reverse Egineering
                  {\rm ({\em WCRE~'05\/})}},
   year = {2005},
}

@INPROCEEDINGS{IM01,
   author = {B. Barak and O. Goldreich and R. Impagliazzo and S. Rudich},
   title = {On the (im)possibility of obfuscating programs},
   booktitle = {Advances in {C}ryptology, {P}roc. of {C}rypto'01},
   year = {2001},
   volume = {2139},
   series = {LNCS},
   pages = {1--18},
   publisher = {Springer-Verlag},
}

@INPROCEEDINGS{CT98b,
   author = {C. Collberg and C. Thomborson and D. Low},
   title = {Manufacturing cheap, resilient, and stealthy opaque constructs},
   booktitle = {Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on
  Principles of programming languages {\rm ({\em POPL~'98\/})}},
   pages = {184--196},
   year = {1998},
   publisher = {ACM Press},
}

@INPROCEEDINGS{CT99,
   author = {C. Collberg and C. Thomborson},
   title = {Software watermarking: models and dynamic embeddings},
   booktitle = {Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on
  Principles of programming languages {\rm ({\em POPL~'99\/})}},
   pages = {311--324},
   year = {1999},
   publisher = {ACM Press},
}

@article{CT02,
        author = {C. Collberg and C. Thomborson},
        title = {Watermarking, tamper-proofing, and obduscation-tools
                  for software protection},
        journal = {IEEE Trans.\ Software Eng.},
        pages = {735--746},
        year = {2002},
}


@TECHREPORT{CT97,
   author = {C. Collberg and C. Thomborson and D. Low},
   title = {A taxonomy of obduscating transformations},
   institution = {Dept. of Computer Science, The Univ. of Auckland},
   year = {1997},
   type = {Technical Report},
   number = {148},
}


@phdthesis{wang-phd,
 author = {C. Wang},
 title = {A security architecture for survivability mechanisms},
 year = {2000},
 school = {University of Virginia},
 }

@TECHREPORT{WH,
   author = {C. Wang and J. Hill and J. Knight and J. Davidson},
   title = {Software tamper resistance: obstructing static analysis of
                  programs},
   institution = {Department of Computer Science, University of Virginia},
   year = {2000},
   type = {Technical Report {CS}-2000-12},
}


@article{Thba03,
        author = {T. Ogiso and Y. Sakabe and M. Soshi and A. Miyaji},
        title = {Sftware obfuscation on a theoretical basis and its
                  implemantation},
        journal = {IEEE Trans.\ Fundamentals},
        volume = {E86-{A}}, 
        number = {1},
        year = {2003},
}


@INPROCEEDINGS{D10,
   author = {C. Linn and S. Debray},
   title = {Obfuscation of executable code to improve resistance to
                  static sisassembly},
   booktitle = {Computer {S}ecurity {S}ymposium {\rm ({\em CSS~'03\/})}},
   pages = {290--299},
   year = {2003},
}

@INPROCEEDINGS{CT98,
   author = {C. Collberg and C. Thomborson},
   title = {Breaking abstrcations and unstructural data structures},
   booktitle = {Proc.\ of the  1994 IEEE Internat.\ Conf.\ on
              Computer Languages {\rm ({\em ICCL~'98\/})}},
   pages = {28--37},
   year = {1998},
}

@INPROCEEDINGS{mm092,
author = {G. Arboit},
title = {A method for watermarking Java programs via opaque predicates},
booktitle = {Proc.\ Int.\ Conf.\ Electronic Commerce Research 
{\rm ({\em ICECR-5\/})}},
year = {2002},
}

@ARTICLE{apt86,
   author = {K.R. Apt and G.D. Plotkin},
   title = {Countable nondeterminism and random assignement},
   journal = {J.\ of the ACM.},
   year = {1986},
   volume = {33},
   number = {4},
   pages = {724--767},
}


%----Mila-------------------

@inproceedings{sas10,
  author    = {Mila {D}alla Preda and
               Roberto Giacobazzi and
               Saumya K. Debray and
               Kevin Coogan and
               Gregg M. Townsend},
  title     = {Modelling Metamorphism by Abstract Interpretation},
 booktitle = {Proc.\ of The 17th International 
                Static Analysis Symposium, SAS10},    
  volume    = {6337},
  series =    {Lecture Notes in Computer Science},
     publisher = {Springer-Verlag},
  year      = {2010},
  pages     = {218-235},
}



@article{DCJD07,
 author = {Mila {Dalla Preda} and Mihai Christodorescu and Somesh Jha and Saumya Debray},
 title = {A semantics-based approach to malware detection},
 journal = {ACM Trans. Program. Lang. Syst.},
 volume = {30},
 number = {5},
 year = {2008},
 pages = {1--54},
 publisher = {ACM},
 }


@INPROCEEDINGS{DG05b,
author = {Mila {D}alla Preda and Roberto Giacobazzi},
title = {Control code obfuscation by abstract interpretation},
booktitle = {Proceedings of the 3rd IEEE International Conference on 
Software Engineering and Formal Methods (SEFM'05)},
pages ={301--310},
publisher = {IEEE Computer Society  Press},
year = {2005},
}

@INPROCEEDINGS{DMGD06,
author = {Mila {D}alla Preda and Matias Madou and Roberto Giacobazzi and Koen De Bosschere},
title = {Opaque predicate detection by abstract interpretation},
booktitle = {Proc.\ of the 11th International
  Conf.\ on Algebraic Methodology and Software Technology
  {\rm ({\em AMAST~'06\/})}},
year = {2006},
volume = {4019},
series = {LNCS}, 
pages =   {81--95}, 
publisher = {Springer-Verlag}
}

@INPROCEEDINGS{DG05,
   author = {Mila {D}alla Preda and Roberto Giacobazzi},
   title = {Semantic-based code obfuscation by abstract interpretation},
   booktitle = {Proc.\ of the 32nd International Colloquium on
                  Automata, Languages and Programming {\rm ({\em
                  ICALP~'05\/})}},
   year = {2005},
   volume = {3580},
   series = {Lecture Notes in Computer Science},
   pages = {1325--1336},
   publisher = {Springer-Verlag},
}

@article{JCSmg,
  author    = {Mila {Dalla Preda} and
               Roberto Giacobazzi},
  title     = {Semantics-based code obfuscation by abstract interpretation},
  journal   = {Journal of Computer Security},
  volume    = {17},
  number    = {6},
  year      = {2009},
  pages     = {855-908},
}





%-----AI--------------------------

@BOOK{compendium,
   author = {G. Gierz and K. H. Hofmann and K. Keimel and J. D. Lawson
                  and M. Mislove and D. D. Scott},
   title = {A compendium on continuos lattices},
   publisher = {Springer-Verlag},
   year = {1980},
}

@BOOK{davey,
   author = {B. A. Davey and H. A. Priestley},
   title = {Introduction to lattices and order},
   publisher = {Cambridge Press},
   year = {1990},
}

@BOOK{gratzer,
   author = {G. Gr{\"{a}}tzer},
   title = {General lattice theory},
   publisher = {Birkh{\"{a}}user Verlag, Basel, Switzerland},
   year = {1978},
}

@INPROCEEDINGS{GQ01,
   author =    {R. Giacobazzi and E. Quintarelli},
   title =     {Incompleteness, counterexamples and refinements 
                in abstract model-checking},
   booktitle = {Proc.\ of The 8th International 
                Static Analysis Symposium, SAS'01},
   year =      2001,
   series =    {Lecture Notes in Computer Science},
   editor = {P. Cousot},
   publisher = {Springer-Verlag},
   volume   =  {2126},
   pages   =   {356--373}
}


@ARTICLE{GRSjacm,
   author = {R. Giacobazzi and F. Ranzato and F. Scozzari},
   title = {Making abstract interpretations complete},
   journal = {J.\ of the ACM.},
   year = {2000},
   volume = {47},
   number = {2},
   pages = {361--416},
}


@INPROCEEDINGS{fr96,
   author = {G. Fil\'e and F. Ranzato},
   title = {Complementation of abstract domains made easy},
   booktitle = {Proceedings of the 1996 Joint International
                  Conference and Symposium on Logic
              Programming {\rm ({\em JICSLP~'96\/})}},
   year = {1996},
   editor = {M. Maher},
   pages = {348--362},
   publisher = {The {MIT} Press, Cambridge, Mass.},
}


@ARTICLE{cfgpr95,
   author = {Agostino Cortesi and Gilberto Fil\'e and Roberto Giacobazzi and
                  Catuscia Palamidessi and Francesco Ranzato},
   title = {Complementation in abstract interpretation},
   journal = {ACM Trans.\ Program.\ Lang.\ Syst.},
   year = {1997},
   volume = {19},
   number = {1},
   pages = {7--47},
}

@INCOLLECTION{Abr94,
   author = {S. Abramsky and A. Jung},
   title = {Domain theory},
   booktitle = {Handbook of Logic in Computer Science},
   publisher = {Clarendon Press, Oxford, U.K.},
   year = {1994},
   editor = {S. Abramsky and D. M. Gabbay and T. S. E. Maibaum},
   volume = {3},
   pages = {1--168},
}


%-------varie------------------------------


@INPROCEEDINGS{landi92,
author = {W. Landi and B. G. Ryder},
title = {A safe approximate algorithm for interprocedural pointer
                  aliasing},
booktitle = {Proceedings of the SIGPLAN Conference on Programming
                  Language Design and Implementation {\rm ({\em
                  PLDI~'92\/})}},
pages = {235--248},
year ={1992},
}

@article{rama97,
author = {G. Ramalingam},
title = {The undecidability of aliasing},
journal = {ACM Transactions on Programming Languages and Systems (TOPLAS)},
volume = {16},
number ={5},
pages = {1467--1471},
year = {1997},
}

@article{horwiz97,
author = {S. Horwitz},
title = {Precise flow-insensitive May-Alias analysis is NP-hard},
journal = {ACM Transactions on Programming Languages and Systems (TOPLAS)},
volume = {19},
number ={1},
pages = {1--6},
year = {1997},
}

@article{munson93,
author = {J. C, Munson and  T. M. Kohshgoftaar},
   title = {Measurement of data structure compelxity},
   journal = {Journal of Systems Software},
   volume = {20},
   year = {1993},
   pages = {217--225}
}

@inproceedings{compl80,
   author =    {Enrique I. Oviedo},
   title =     {Control flow, data flow and programmers complexity},
   booktitle = {Proc.\ of COMPSAC 80},
   pages = {146--152},
   publisher = {Chicago, IL},
   year =      {1980},
}

@inproceedings{compl81,
   author =    {Warren A. Harrison and Kenneth I. Magel},
   title =     {A complexity measure based on nesting level},
   pages =     {63--74},
   volume = {16},
   booktitle = {SIGPLAN Notices},
   year =      1981,
}

@BOOK{complexity77,
   author = {M. H. Halstead},
   title = {Elements of software science},
   publisher = {Elsevier North-Holland},
   year = {1977},
}

@BOOK{enc,
   author = {J. Marciniak (editor)},
   title = {Encyclopedia of software engineering},
   publisher = {J. Wiley \& Sons, Inc},
   year = {1994},
}


@article{Pnueli98,
   author = {A. Pnueli and O. Shtrichman and M. Siegel},
   title = {The code validation tool CVT: Automatic verification of a
                  compilation process},
   journal = {STTT},
   volume = {2},
   number = {2},
   year = {1998},
   pages = {192--201}
}


@INPROCEEDINGS{reveng97,
   author = {H. Yang and Y. Sun},
   title = {Reverse engineering and reusing {\sc cobol} programs: A
                  program transformation approach},
   booktitle = {IWFM~'97 Electronic Workshop in Computing},
   year = {1997}
}

@article{slicing84,
   author = {M. Weiser},
   title = {Program slicing},
   journal = {IEEE Trans. Software Engineering SE},
   volume = {10},
   number = {4},
   year = {1984},
   pages = {352--357}
}

@INPROCEEDINGS{Danvy93,
   author = {C. Consel and C. Danvy},
   title = {Tutorial notes on partial evaluation},
   booktitle = {Proceedings of the 20th ACM Symp.\ on
                 Principles of Programming Languages {\rm ({\em POPL~'93\/})}},
   year = {1993},
   pages = {493--501},
   publisher = {ACM Press}
}

@article{Jones94,
   author = {N. Jones},
   title = {An introduction to partial evaluation},
   journal = {ACM Comput. Surv.},
   volume = {28},
   number = {3},
   pages = {480--504},
   year = {1996},
   publisher = {ACM Press}
}

@INPROCEEDINGS{K73,
   author = {G. Kildall},
   title = {A unified approach to global program optimization},
   booktitle = {Proceedings of the 1st ACM Symp.\ on
                  Principles of Programming Languages {\rm ({\em POPL~'73\/})}},
   year = {1973},
   publisher = {ACM Press}
}

@article{P97,
   author =    {R. Paige},
   title =     {Future directions in program transformations},
   journal = {ACM SIGPLAN Not.},
   volume   =  {32},
   number  =  {1},
   pages   =   {94--97},
   year = {1997}
}


@INPROCEEDINGS{Cohen,
   author = {F. B. Cohen},
   title = {Operating system protection through program evolution},
   note = { {\sf http://all.net/books/IP/evolve.html}},
   year = {1992},
}



@book{data,
author = {M. Hecht},
title = {Flow analysis of computer programs},
publisher = {Elsevier},
year = {1977},
}

@phdthesis{Balakrishnan07,
  author =	"G. Balakrishnan",
  title =	{WYSINWYX: What You See Is Not What You eXecute},
  school =	"Computer Science Department, University of Wisconsin, Madison",
  year = 	"2007",
}

@inproceedings{reps-x86,
  author =	"G. Balakrishnan and T. Reps",
  title =	"Analyzing memory accesses in x86 executables",
  booktitle =	"Proc. 13th. International Conference on Compiler Construction", 
  month =	mar,
  year =	2004,
  pages =	"5--23",
}

@InProceedings{DMW98,
  title =        "Alias Analysis of Executable Code",
  author =       "S. K. Debray and R. Muth and M. Weippert",
  pages =        "12--24",
  booktitle =    "Proc. 25th {ACM} Symposium on Principles of
                 Programming Languages ({POPL}-98)",
  month =        jan,
  year =         "1998",
}

@inproceedings{HP00,
  author = {M. Hind and A. Pioli},
  title = {Which pointer analysis should {I} use?},
  booktitle = {ISSTA '00: Proceedings of the 2000 ACM SIGSOFT International Symposium on Software Testing and Analysis},
  year = {2000},
  pages = {113--123},
 }

